National Institute of Standards and Technology
Package illustrating a test case

Test case 153626

Description

This test case implements an sprintf that uses untrusted user input without a format string. The test case takes untrusted user input and passes it to an sprintf that does not implement a format string. This allows the user to pass format strings to the test case causing it to leak sensitive data and possibly allowing an attacker to cause a buffer overflow and inject shell code.
Metadata
- Base program: OpenSSL
- Source Taint: ENVIRONMENT_VARIABLE
- Data Type: STRUCT
- Data Flow: BUFFER_ADDRESS_POINTER
- Control Flow: SEQUENCE

Flaws

Test Suites

Documentation

Have any comments on this test case? Please, send us an email.